🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2025-14790 | Medium | 6.5 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due …
|
— | Mar 25, 2026 |
| CVE-2026-32120 | Medium | 6.5 |
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to versio…
|
⚡ Exploit ✅ Patch | Mar 25, 2026 |
| CVE-2026-20083 | Medium | 6.5 |
A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, …
|
— | Mar 25, 2026 |
| CVE-2026-1014 | Medium | 6.5 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON …
|
— | Mar 25, 2026 |
| CVE-2026-23635 | Medium | 6.5 |
Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of …
|
— | Mar 25, 2026 |
| CVE-2026-3119 | Medium | 6.5 |
Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affec…
|
— | Mar 25, 2026 |
| CVE-2026-33223 | Medium | 6.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.1…
|
— | Mar 25, 2026 |
| CVE-2026-33246 | Medium | 6.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server offers a…
|
— | Mar 25, 2026 |
| CVE-2025-14810 | Medium | 6.3 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been mod…
|
— | Mar 25, 2026 |
| CVE-2026-4825 | Medium | 6.3 |
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /up…
|
— | Mar 25, 2026 |
| CVE-2025-64646 | Medium | 6.2 |
IBM Concert 1.0.0 through 2.2.0 could allow an attacker to access sensitive information in memory due to the buffer not …
|
— | Mar 25, 2026 |
| CVE-2025-12708 | Medium | 6.2 |
IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user.
|
— | Mar 25, 2026 |
| CVE-2026-20104 | Medium | 6.1 |
A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS93…
|
— | Mar 25, 2026 |
| CVE-2025-40842 | Medium | 6.1 |
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a
Cross-Site Scripting (XSS) vulnerability which, if exp…
|
— | Mar 25, 2026 |
| CVE-2026-20115 | Medium | 6.1 |
A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confide…
|
— | Mar 25, 2026 |
| CVE-2025-64648 | Medium | 5.9 |
IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an attacker to obtain sensitive informatio…
|
— | Mar 25, 2026 |
| CVE-2026-27656 | Medium | 5.7 |
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to properly validate …
|
— | Mar 25, 2026 |
| CVE-2026-2483 | Medium | 5.4 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability al…
|
— | Mar 25, 2026 |
| CVE-2026-3591 | Medium | 5.4 |
A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a spec…
|
— | Mar 25, 2026 |
| CVE-2026-1015 | Medium | 5.4 |
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This ma…
|
— | Mar 25, 2026 |